pull/467/head
Deborah Servili 2019-10-31 10:37:36 +01:00
parent 0a8f989e1c
commit bee9b80898
No known key found for this signature in database
GPG Key ID: 7E3A832850D4D7D1
2 changed files with 15 additions and 8 deletions


@ -671,12 +671,12 @@
"https://www.crowdstrike.com/blog/meet-crowdstrikes-adversary-of-the-month-for-july-wicked-spider/"
],
"synonyms": [
"Winnti Umbrella"
"Winnti Umbrella",
"Winnti Group",
"Tailgater Team",
"Suckfly"
"Suckfly",
"APT41",
"APT 41",
"APT 41"
"Group 72",
"Group72",
"Tailgater",
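Review bot: The one new name in this synonyms array appears to be `"APT41"` (the other changed lines only restore missing commas), yet the `refs` list that closes just above it is untouched in this hunk, so the alias has no visible source. If none of the existing references already covers it, add the report that establishes the name to `refs` in the same change, for example `"<URL of the report that names APT41>"`. Both the refs list and the synonyms array begin or end outside the hunk, so this is based on the visible lines only.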


@ -665,7 +665,8 @@
"SUQ",
"Agent.ALQHI",
"RbDoor",
"RibDoor","HIGHNOON"
"RibDoor",
"HIGHNOON"
],
"type": [
"Backdoor"
@ -5355,7 +5356,10 @@
"refs": [
"https://cdn.securelist.com/files/2017/08/ShadowPad_technical_description_PDF.pdf"
],
"synonyms":[ "POISONPLUG", "Barlaiy"]
"synonyms": [
"POISONPLUG",
"Barlaiy"
]
},
"related": [
{
@ -7864,11 +7868,14 @@
"value": "Netscan"
},
{
"value":"ShadowHammer",
"description": "Malware embedded in Asus Live Update in 2018. ShadowHammer triggers its malicious behavior only if the computer it is running on has a network adapter with the MAC address whitelisted by the attacker.",
"meta": {
"refs": ["https://www.welivesecurity.com/wp-content/uploads/2019/10/ESET_Winnti.pdf"]
}
"refs": [
"https://www.welivesecurity.com/wp-content/uploads/2019/10/ESET_Winnti.pdf"
]
},
"uuid": "c1815516-aa2a-43d2-9136-78a8feb054b6",
"value": "ShadowHammer"
}
],
"version": 127
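Review bot: `"version": 127` is unchanged context at the end of the last hunk, although the ShadowHammer entry gains a `uuid` and its `meta` object is repaired. A consumer that decides whether to re-import this file by comparing the version number would not pick up the corrected entry. Unless an earlier commit in this pull request already raised the number, change the line to `"version": 128`. The comma and brace repairs across the three hunks suggest the previous revision was committed without a strict JSON parse, and a parse check before commit would have caught them.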